
SUSE: 2019:1849-1 Moderate: Podofo Denial Of Service Fix

July 15, 2019
SUSE Security Alert: This update for podofo resolves vulnerabilities that can lead to Denial of Service (DoS).
An update that fixes 5 vulnerabilities is now available.

Summary

This update for podofo fixes the following issues:

Security issues fixed:

- CVE-2017-8054: Fixed a vulnerability in PdfPagesTree::GetPageNodeFromArray function which could allow remote attackers to cause Denial of Service (bsc#1035596).
- CVE-2018-5783: Fixed an uncontrolled memory allocation in PdfVecObjects::Reserve function (bsc#1076962).
- CVE-2018-11255: Fixed a null pointer dereference in PdfPage::GetPageNumber() function which could lead to Denial of Service (bsc#1096890).
- CVE-2018-20751: Fixed a null pointer dereference in crop_page function (bsc#1124357).
- CVE-2018-12982: Fixed an invalid memory read in PdfVariant::DelayedLoad() function which could allow remote attackers to cause Denial of Service (bsc#1099720).
- Fixed a buffer overflow in TestEncrypt function.

References

#1035596 #1076962 #1096890 #1099720 #1124357

Cross-References: CVE-2017-8054 CVE-2018-11255 CVE-2018-12982 CVE-2018-20751 CVE-2018-5783

Affected Products:

SUSE Linux Enterprise Workstation Extension 12-SP4

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Desktop 12-SP4

https://www.suse.com/security/cve/CVE-2017-8054.html

https://www.suse.com/security/cve/CVE-2018-11255.html

https://www.suse.com/security/cve/CVE-2018-12982.html

https://www.suse.com/security/cve/CVE-2018-20751.html

https://www.suse.com/security/cve/CVE-2018-5783.html

https://bugzilla.suse.com/1035596

https://bugzilla.suse.com/1076962

https://bugzilla.suse.com/1096890

https://bugzilla.suse.com/1099720

https://bugzilla.suse.com/1124357

Announcement ID: SUSE-SU-2019:1849-1
Rating: moderate
